diff --git a/README.md b/README.md index 236b9c3..879927f 100644 --- a/README.md +++ b/README.md @@ -21,6 +21,7 @@ ### 举例 + ```yaml { "log": { @@ -34,6 +35,7 @@ ### 客户端 + ```yaml { "log": { @@ -70,8 +72,6 @@ { "users": [ { - "alterId": 4, - "security": "aes-128-gcm", "id": "" } ], @@ -91,6 +91,7 @@ ### 服务端 + ```yaml { "log": { @@ -116,7 +117,6 @@ "clients": [ { "id": "", - "alterId": 4 } ] } @@ -124,7 +124,7 @@ ], "outbounds": [ { - "protocol": "freedom", + "protocol": "freedom" }, { "protocol": "blackhole", diff --git a/ShadowSocks-Relay/config_client.json b/ShadowSocks-Relay/config_client.json deleted file mode 100644 index 87d9ffc..0000000 --- a/ShadowSocks-Relay/config_client.json +++ /dev/null @@ -1,88 +0,0 @@ -{ - "log": { - "loglevel": "warning" - }, - "inbounds": [ - { - "port": 1080, - "listen": "127.0.0.1", - "protocol": "socks", - "settings": {} - } - ], - "outbounds": [ - { - "tag": "proxy", - "protocol": "shadowsocks", - "settings": { - "servers": [ - { - "address": "", - "port": 0, - "method": "", - "password": "" - } - ] - }, - "streamSettings": {}, - "mux": { - "enabled": false - }, - "proxySettings": { - "tag": "out" - } - }, - { - "tag": "out", - "protocol": "shadowsocks", - "settings": { - "servers": [ - { - "address": "", - "port": 0, - "method": "", - "password": "" - } - ] - }, - "mux": { - "enabled": false - } - }, - { - "tag": "direct", - "protocol": "freedom", - "settings": { - "domainStrategy": "UseIP" - } - }, - { - "tag": "block", - "protocol": "blackhole", - "settings": { - "response": { - "type": "http" - } - } - } - ], - "routing": { - "domainStrategy": "AsIs", - "rules": [ - { - "type": "field", - "domain": [ - "geosite:category-ads-all" - ], - "outboundTag": "block" - }, - { - "type": "field", - "ip": [ - "geoip:private" - ], - "outboundTag": "direct" - } - ] - } -} \ No newline at end of file diff --git a/Shadowsocks-TCP/client.json b/Shadowsocks-TCP/client.json new file mode 100644 index 0000000..cd268b2 --- /dev/null +++ b/Shadowsocks-TCP/client.json @@ -0,0 +1,57 @@ +{ + "log": { + "loglevel": "warning" + }, + "routing": { + "domainStrategy": "AsIs", + "rules": [ + { + "type": "field", + "ip": [ + "geoip:private" + ], + "outboundTag": "direct" + } + ] + }, + "inbounds": [ + { + "listen": "127.0.0.1", + "port": "1080", + "protocol": "socks", + "settings": { + "auth": "noauth", + "udp": true, + "ip": "127.0.0.1" + } + }, + { + "listen": "127.0.0.1", + "port": "1081", + "protocol": "http" + } + ], + "outbounds": [ + { + "protocol": "shadowsocks", + "settings": { + "servers": [ + { + "address": "{{ host }}", + "port": 1234, + "method": "chacha20-ietf-poly1305", + "password": "{{ password}}" + } + ] + }, + "streamSettings": { + "network": "tcp" + }, + "tag": "proxy" + }, + { + "protocol": "freedom", + "tag": "direct" + } + ] +} \ No newline at end of file diff --git a/Shadowsocks-TCP/server.json b/Shadowsocks-TCP/server.json new file mode 100644 index 0000000..003d3e9 --- /dev/null +++ b/Shadowsocks-TCP/server.json @@ -0,0 +1,41 @@ +{ + "log": { + "loglevel": "warning" + }, + "routing": { + "domainStrategy": "AsIs", + "rules": [ + { + "type": "field", + "ip": [ + "geoip:private" + ], + "outboundTag": "block" + } + ] + }, + "inbounds": [ + { + "listen": "0.0.0.0", + "port": 1234, + "protocol": "shadowsocks", + "settings": { + "method": "chacha20-ietf-poly1305", + "password": "{{ password }}" + }, + "streamSettings": { + "network": "tcp" + } + } + ], + "outbounds": [ + { + "protocol": "freedom", + "tag": "direct" + }, + { + "protocol": "blackhole", + "tag": "block" + } + ] +} diff --git a/Shadowsocks-Websocket-Web-TLS/README - zh-CN.md b/Shadowsocks-Websocket-Web-TLS/README - zh-CN.md index 6bd27f7..43f3c90 100644 --- a/Shadowsocks-Websocket-Web-TLS/README - zh-CN.md +++ b/Shadowsocks-Websocket-Web-TLS/README - zh-CN.md @@ -1,42 +1,42 @@ -# 这是一个使用 V2Ray 作为 ss + v2ray plugin 服务端的示例 -> 完整的设置还需要一个web服务器解密TLS后将请求转发给后端的v2ray位于127.0.0.1:10000。由于 https://guide.v2fly.org/advanced/wss_and_web.html#%E9%85%8D%E7%BD%AE 已经有了服务器的设置这里不再赘述,可以按需参考白话文教程里的web服务器设置。 - -**config_server_redirect.json 和 config_server_domainsocket.json 选其一** - -如果使用domain socket需要修改/etc/systemd/system/v2ray.service -在[Service]部分添加 -``` -RuntimeDirectory=ss-loop -``` -'ss-loop'对应config.json里的"dsSettings"部分的path里的文件夹"/var/run/ss-loop" - -修改完成后需要执行 -``` -systemctl disable v2ray.service -systemctl enable v2ray.service -``` -否则由于fhs脚本使用的nobody用户的权限不够,无法在/var/run里新建文件夹'ss-loop'而导致启动失败。 - -## 客户端配置示意 -**你应该按照服务端的设置修改对应的参数** -### shadowsocks windows 客户端关键部分示例如下: -``` -Server IP: example.com -Server Port: 443 -Passowrd: ifYouWantToKeepYourPassphraseSafeChangeThis!! -Encryption: chacha20-ietf-poly1305 -Plugin Program: pathToYourV2ray-plugin_windows_arch.exe -Plugin Options: tls;mode=websocket;path=/michi;host=example.com -``` -### shadowsocks Android plugin 关键部分示例如下: - -**需安装 shadowsocks 和 v2ray plugin,并搭配一同使用** -``` -Plugin: v2ray -Configure: - Transport mode: websocket-tls - Hostname: example.com - Path: /michi - Concurrent connections: 1 - Certificate for TLS verification: Not set -``` +# 这是一个使用 V2Ray 作为 ss + v2ray plugin 服务端的示例 +> 完整的设置还需要一个web服务器解密TLS后将请求转发给后端的v2ray位于127.0.0.1:10000。由于 https://guide.v2fly.org/advanced/wss_and_web.html#%E9%85%8D%E7%BD%AE 已经有了服务器的设置这里不再赘述,可以按需参考白话文教程里的web服务器设置。 + +**config_server_redirect.json 和 config_server_domainsocket.json 选其一** + +如果使用domain socket需要修改/etc/systemd/system/v2ray.service +在[Service]部分添加 +``` +RuntimeDirectory=ss-loop +``` +'ss-loop'对应config.json里的"dsSettings"部分的path里的文件夹"/var/run/ss-loop" + +修改完成后需要执行 +``` +systemctl disable v2ray.service +systemctl enable v2ray.service +``` +否则由于fhs脚本使用的nobody用户的权限不够,无法在/var/run里新建文件夹'ss-loop'而导致启动失败。 + +## 客户端配置示意 +**你应该按照服务端的设置修改对应的参数** +### shadowsocks windows 客户端关键部分示例如下: +``` +Server IP: example.com +Server Port: 443 +Password: ifYouWantToKeepYourPassphraseSafeChangeThis!! +Encryption: chacha20-ietf-poly1305 +Plugin Program: pathToYourV2ray-plugin_windows_arch.exe +Plugin Options: tls;mode=websocket;path=/michi;host=example.com +``` +### shadowsocks Android plugin 关键部分示例如下: + +**需安装 shadowsocks 和 v2ray plugin,并搭配一同使用** +``` +Plugin: v2ray +Configuration: + Transport mode: websocket-tls + Hostname: example.com + Path: /michi + Concurrent connections: 1 + Certificate for TLS verification: Not set +``` diff --git a/Shadowsocks-Websocket-Web-TLS/README.md b/Shadowsocks-Websocket-Web-TLS/README.md index 687d14b..875591d 100644 --- a/Shadowsocks-Websocket-Web-TLS/README.md +++ b/Shadowsocks-Websocket-Web-TLS/README.md @@ -1,45 +1,45 @@ -# This is the server config.json example to utilizing V2ray as the server for Shadowsocks + V2Ray Plugin -> The complete setup also requires a web server to handle the TLS and proxy pass the deciphered request to the backend v2ray server at 127.0.0.1:10000. -> You can find the web server example at https://guide.v2fly.org/en_US/advanced/wss_and_web.html#server-side-configuration - -中文用户请看 Readme - zh-CN. md - -**Choose either one of config_server_redirect.json and config_server_domainsocket.json** - -If you choose to use config_server_domainsocket.json remember to modify the systemd service file @ /etc/systemd/system/v2ray.service. - -Add the following line to the block starting with [Service] -``` -RuntimeDirectory=ss-loop -``` -'ss-loop' corresponds to the "/var/run/ss-loop" folder in the "dsSettings" part of the config.json. - -Execute the following commands to re-enable the v2ray.service. -``` -systemctl disable v2ray.service -systemctl enable v2ray.service -``` -Since nobody user does not have the right permission to create the 'ss-loop' folder in /var/run. -## Client configuration examples -**You should change the parameters according to your server configs** -### shadowsocks windows client configuration examples: -``` -Server IP: example.com -Server Port: 443 -Passowrd: ifYouWantToKeepYourPassphraseSafeChangeThis!! -Encryption: chacha20-ietf-poly1305 -Plugin Program: pathToYourV2ray-plugin_windows_arch.exe -Plugin Options: tls;mode=websocket;path=/michi;host=example.com -``` -### shadowsocks Android plugin configuration examples: - -> Both the shadowsocks android and the V2Ray plugin android are mandatory, they are available on Google Play Store. -``` -Plugin: v2ray -Configure...: - Transport mode: websocket-tls - Hostname: example.com - Path: /michi - Concurrent connections: 1 - Certificate for TLS verification: Not set -``` +# This is the server config.json example to utilizing V2ray as the server for Shadowsocks + V2Ray Plugin +> The complete setup also requires a web server to handle the TLS and proxy pass the deciphered request to the backend v2ray server at 127.0.0.1:10000. +> You can find the web server example at https://guide.v2fly.org/en_US/advanced/wss_and_web.html#server-side-configuration + +中文用户请看 Readme - zh-CN. md + +**Choose either one of config_server_redirect.json and config_server_domainsocket.json** + +If you choose to use config_server_domainsocket.json remember to modify the systemd service file @ /etc/systemd/system/v2ray.service. + +Add the following line to the block starting with [Service] +``` +RuntimeDirectory=ss-loop +``` +'ss-loop' corresponds to the "/var/run/ss-loop" folder in the "dsSettings" part of the config.json. + +Execute the following commands to re-enable the v2ray.service. +``` +systemctl disable v2ray.service +systemctl enable v2ray.service +``` +Since nobody user does not have the right permission to create the 'ss-loop' folder in /var/run. +## Client configuration examples +**You should change the parameters according to your server configs** +### shadowsocks windows client configuration examples: +``` +Server IP: example.com +Server Port: 443 +Password: ifYouWantToKeepYourPassphraseSafeChangeThis!! +Encryption: chacha20-ietf-poly1305 +Plugin Program: pathToYourV2ray-plugin_windows_arch.exe +Plugin Options: tls;mode=websocket;path=/michi;host=example.com +``` +### shadowsocks Android plugin configuration examples: + +> Both the shadowsocks android and the V2Ray plugin android are mandatory, they are available on Google Play Store. +``` +Plugin: v2ray +Configuration: + Transport mode: websocket-tls + Hostname: example.com + Path: /michi + Concurrent connections: 1 + Certificate for TLS verification: Not set +``` diff --git a/Shadowsocks-Websocket-Web-TLS/config_server_domainsocket.json b/Shadowsocks-Websocket-Web-TLS/config_server_domainsocket.json index 84db8d7..c15dfd5 100644 --- a/Shadowsocks-Websocket-Web-TLS/config_server_domainsocket.json +++ b/Shadowsocks-Websocket-Web-TLS/config_server_domainsocket.json @@ -1,83 +1,83 @@ -{ - "log": { - "loglevel": "warning" - }, - "routing": { - "domainStrategy": "AsIs", - "rules": [ - { - "type": "field", - "inboundTag": "wsdoko", - "outboundTag": "ssmux" - }, - { - "type": "field", - "ip": [ - "geoip:private" - ], - "outboundTag": "blocked" - } - ] - }, - "inbounds": [ - { - "port": 10000, - "listen": "127.0.0.1", - "protocol": "dokodemo-door", - "tag": "wsdoko", - "settings": { - "address": "v1.mux.cool", - "followRedirect": false, - "network": "tcp, udp" - }, - "sniffing": { - "enabled": true, - "destOverride": [ - "http", - "tls" - ] - }, - "streamSettings": { - "network": "ws", - "wsSettings": { - "path": "/michi" - } - } - }, - { - "port": 9000, - "protocol": "shadowsocks", - "settings": { - "method": "chacha20-ietf-poly1305", - "ota": false, - "password": "ifYouWantToKeepYourPassphraseSafeChangeThis!!", - "network": "tcp,udp" - }, - "streamSettings": { - "network": "domainsocket" - } - } - ], - "outbounds": [ - { - "protocol": "freedom", - "settings": {}, - "tag": "direct" - }, - { - "protocol": "blackhole", - "settings": {}, - "tag": "blocked" - }, - { - "protocol": "freedom", - "tag": "ssmux", - "streamSettings": { - "network": "domainsocket" - } - } - ], - "dsSettings": { - "path": "/var/run/ss-loop/ss-loop.sock" - } -} \ No newline at end of file +{ + "log": { + "loglevel": "warning" + }, + "routing": { + "domainStrategy": "AsIs", + "rules": [ + { + "type": "field", + "inboundTag": "wsdoko", + "outboundTag": "ssmux" + }, + { + "type": "field", + "ip": [ + "geoip:private" + ], + "outboundTag": "blocked" + } + ] + }, + "inbounds": [ + { + "port": 10000, + "listen": "127.0.0.1", + "protocol": "dokodemo-door", + "tag": "wsdoko", + "settings": { + "address": "v1.mux.cool", + "followRedirect": false, + "network": "tcp, udp" + }, + "sniffing": { + "enabled": true, + "destOverride": [ + "http", + "tls" + ] + }, + "streamSettings": { + "network": "ws", + "wsSettings": { + "path": "/michi" + } + } + }, + { + "port": 9000, + "protocol": "shadowsocks", + "settings": { + "method": "chacha20-ietf-poly1305", + "ota": false, + "password": "ifYouWantToKeepYourPassphraseSafeChangeThis!!", + "network": "tcp,udp" + }, + "streamSettings": { + "network": "domainsocket" + } + } + ], + "outbounds": [ + { + "protocol": "freedom", + "settings": {}, + "tag": "direct" + }, + { + "protocol": "blackhole", + "settings": {}, + "tag": "blocked" + }, + { + "protocol": "freedom", + "tag": "ssmux", + "streamSettings": { + "network": "domainsocket" + } + } + ], + "dsSettings": { + "path": "/var/run/ss-loop/ss-loop.sock" + } +} diff --git a/Shadowsocks-Websocket-Web-TLS/config_server_redirect.json b/Shadowsocks-Websocket-Web-TLS/config_server_redirect.json index f8f0c8d..c228910 100644 --- a/Shadowsocks-Websocket-Web-TLS/config_server_redirect.json +++ b/Shadowsocks-Websocket-Web-TLS/config_server_redirect.json @@ -1,77 +1,77 @@ -{ - "log": { - "loglevel": "warning" - }, - "routing": { - "domainStrategy": "AsIs", - "rules": [ - { - "type": "field", - "inboundTag": "wsdoko", - "outboundTag": "ssredirect" - }, - { - "type": "field", - "ip": [ - "geoip:private" - ], - "outboundTag": "blocked" - } - ] - }, - "inbounds": [ - { - "port": 10000, - "listen": "127.0.0.1", - "protocol": "dokodemo-door", - "tag": "wsdoko", - "settings": { - "address": "v1.mux.cool", - "followRedirect": false, - "network": "tcp, udp" - }, - "sniffing": { - "enabled": true, - "destOverride": [ - "http", - "tls" - ] - }, - "streamSettings": { - "network": "ws", - "wsSettings": { - "path": "/michi" - } - } - }, - { - "port": 9000, - "protocol": "shadowsocks", - "settings": { - "method": "chacha20-ietf-poly1305", - "ota": false, - "password": "ifYouWantToKeepYourPassphraseSafeChangeThis!!", - "network": "tcp,udp" - } - } - ], - "outbounds": [ - { - "protocol": "freedom", - "settings": {}, - "tag": "direct" - }, - { - "protocol": "blackhole", - "settings": {}, - "tag": "blocked" - }, - { - "protocol": "freedom", - "tag": "ssredirect", - "settings": { - "redirect": "127.0.0.1:9000" - } - } - ] -} \ No newline at end of file +{ + "log": { + "loglevel": "warning" + }, + "routing": { + "domainStrategy": "AsIs", + "rules": [ + { + "type": "field", + "inboundTag": "wsdoko", + "outboundTag": "ssredirect" + }, + { + "type": "field", + "ip": [ + "geoip:private" + ], + "outboundTag": "blocked" + } + ] + }, + "inbounds": [ + { + "port": 10000, + "listen": "127.0.0.1", + "protocol": "dokodemo-door", + "tag": "wsdoko", + "settings": { + "address": "v1.mux.cool", + "followRedirect": false, + "network": "tcp, udp" + }, + "sniffing": { + "enabled": true, + "destOverride": [ + "http", + "tls" + ] + }, + "streamSettings": { + "network": "ws", + "wsSettings": { + "path": "/michi" + } + } + }, + { + "port": 9000, + "protocol": "shadowsocks", + "settings": { + "method": "chacha20-ietf-poly1305", + "ota": false, + "password": "ifYouWantToKeepYourPassphraseSafeChangeThis!!", + "network": "tcp,udp" + } + } + ], + "outbounds": [ + { + "protocol": "freedom", + "settings": {}, + "tag": "direct" + }, + { + "protocol": "blackhole", + "settings": {}, + "tag": "blocked" + }, + { + "protocol": "freedom", + "tag": "ssredirect", + "settings": { + "redirect": "127.0.0.1:9000" + } + } + ] +} diff --git a/Socks5-TLS/README.md b/Socks5-TLS/README.md new file mode 100644 index 0000000..9199c56 --- /dev/null +++ b/Socks5-TLS/README.md @@ -0,0 +1,76 @@ +## 关于 SOCKS5 over TLS 方案的安全提示 + +该配置组合应仅供技术研究/参考使用,因为 **SOCKS5 over TLS 几乎不提供隐密性保证,可被简单地主动探测**。 + +### 探测方式 +对任意未知 TLS 业务,若怀疑其为 SOCKS5/TLS 业务,审查者可向该端口建立一个 TLS 连接并在其上传送 SOCKS5 载荷。 + +若该服务对 SOCKS5 请求做出响应,无论是否设置 SOCKS5 的鉴权机制,审查者均可通过回包内容一次准确判断该业务是否为 SOCKS5 / TLS。 + +来自 [@studentmain](https://github.com/studentmain) 的两个典型样例对话: + +``` +-> 05 01 01 +<- 05 ff +``` + +``` +-> 05 02 00 02 +<- 05 00 / 05 02 +``` + +### 参考资料 +[RFC1928](https://tools.ietf.org/html/rfc1928) 节录如下: +``` + The client connects to the server, and sends a version + identifier/method selection message: + + +----+----------+----------+ + |VER | NMETHODS | METHODS | + +----+----------+----------+ + | 1 | 1 | 1 to 255 | + +----+----------+----------+ + + The VER field is set to X'05' for this version of the protocol. The + NMETHODS field contains the number of method identifier octets that + appear in the METHODS field. + + The server selects from one of the methods given in METHODS, and + sends a METHOD selection message: + + +----+--------+ + |VER | METHOD | + +----+--------+ + | 1 | 1 | + +----+--------+ + + If the selected METHOD is X'FF', none of the methods listed by the + client are acceptable, and the client MUST close the connection. + + The values currently defined for METHOD are: + + o X'00' NO AUTHENTICATION REQUIRED + o X'01' GSSAPI + o X'02' USERNAME/PASSWORD + o X'03' to X'7F' IANA ASSIGNED + o X'80' to X'FE' RESERVED FOR PRIVATE METHODS + o X'FF' NO ACCEPTABLE METHODS + +``` + +[RFC1929](https://tools.ietf.org/html/rfc1929) 节录如下: + +``` + The server verifies the supplied UNAME and PASSWD, and sends the + following response: + + +----+--------+ + |VER | STATUS | + +----+--------+ + | 1 | 1 | + +----+--------+ + + A STATUS field of X'00' indicates success. If the server returns a + `failure' (STATUS value other than X'00') status, it MUST close the + connection. +``` diff --git a/Socks5-TLS/config_client.json b/Socks5-TLS/config_client.json index 474cc19..5e385d8 100644 --- a/Socks5-TLS/config_client.json +++ b/Socks5-TLS/config_client.json @@ -10,7 +10,7 @@ "ip": [ "geoip:private" ], - "tag": "direct" + "outboundTag": "direct" } ] }, @@ -35,7 +35,7 @@ { "protocol": "socks", "settings": { - "server": [ + "servers": [ { "address": "", "port": 1234, @@ -52,8 +52,7 @@ "network": "tcp", "security": "tls", "tlsSettings": { - "serverName": "example.domain", - "allowInsecure": false + "serverName": "example.domain" } }, "tag": "proxy" diff --git a/Trojan-TCP-TLS (minimal)/config_client.json b/Trojan-TCP-TLS (minimal)/config_client.json new file mode 100644 index 0000000..8d76999 --- /dev/null +++ b/Trojan-TCP-TLS (minimal)/config_client.json @@ -0,0 +1,33 @@ +{ + "log": { + "loglevel": "warning" + }, + "inbounds": [ + { + "port": 10800, + "listen": "127.0.0.1", + "protocol": "socks", + "settings": { + "udp": true + } + } + ], + "outbounds": [ + { + "protocol": "trojan", + "settings": { + "servers": [ + { + "address": "example.com", + "port": 443, + "password": "your password" + } + ] + }, + "streamSettings": { + "network": "tcp", + "security": "tls" + } + } + ] +} \ No newline at end of file diff --git a/Trojan-TCP-TLS (minimal)/config_server.json b/Trojan-TCP-TLS (minimal)/config_server.json new file mode 100644 index 0000000..69387de --- /dev/null +++ b/Trojan-TCP-TLS (minimal)/config_server.json @@ -0,0 +1,39 @@ +{ + "log": { + "loglevel": "warning" + }, + "inbounds": [ + { + "port": 443, + "protocol": "trojan", + "settings": { + "clients": [ + { + "password":"your password", + "email": "love@v2fly.org" + } + ] + }, + "streamSettings": { + "network": "tcp", + "security": "tls", + "tlsSettings": { + "alpn": [ + "http/1.1" + ], + "certificates": [ + { + "certificateFile": "/path/to/fullchain.crt", + "keyFile": "/path/to/private.key" + } + ] + } + } + } + ], + "outbounds": [ + { + "protocol": "freedom" + } + ] +} \ No newline at end of file diff --git a/VLESS-H2C-Caddy2/client.json b/VLESS-H2C-Caddy2/client.json index 3228554..26c1282 100644 --- a/VLESS-H2C-Caddy2/client.json +++ b/VLESS-H2C-Caddy2/client.json @@ -25,7 +25,8 @@ "port":443, "users":[ { - "id":"" + "id":"", + "encryption":"none" } ] } diff --git a/VLESS-H2C-Caddy2/server.json b/VLESS-H2C-Caddy2/server.json index 6a25b65..57fd4e3 100644 --- a/VLESS-H2C-Caddy2/server.json +++ b/VLESS-H2C-Caddy2/server.json @@ -13,7 +13,8 @@ "id": "", "email": "love@v2fly.org" } - ] + ], + "decryption": "none" }, "streamSettings": { "security": "none", diff --git a/VLESS-TCP-TLS (maximal by rprx)/README.md b/VLESS-TCP-TLS (maximal by rprx)/README.md index ca36396..6429e4d 100644 --- a/VLESS-TCP-TLS (maximal by rprx)/README.md +++ b/VLESS-TCP-TLS (maximal by rprx)/README.md @@ -1,6 +1,6 @@ -# VLESS + TCP + TLS + 回落(最强配置) +# VLESS over TCP with TLS + 回落(建站配置) -你应当先了解 [最简配置](),若你有进阶需求如同时建站等,可以参考此配置 +你应当先了解 [最简配置](<../VLESS-TCP-TLS%20(minimal%20by%20rprx)>) 等其它配置,若你有同时建站的需求,可以参考并结合此配置 此配置含 VLESS 回落高级用法: diff --git a/VLESS-TCP-TLS (maximal by rprx)/config_server.json b/VLESS-TCP-TLS (maximal by rprx)/config_server.json index a2eec49..e9912de 100644 --- a/VLESS-TCP-TLS (maximal by rprx)/config_server.json +++ b/VLESS-TCP-TLS (maximal by rprx)/config_server.json @@ -22,7 +22,7 @@ }, { "alpn": "h2", - "dest": "/dev/shm/h2.sock", + "dest": "/dev/shm/h2c.sock", "xver": 1 } ] diff --git a/VLESS-TCP-TLS (maximal by rprx)/nginx.conf b/VLESS-TCP-TLS (maximal by rprx)/nginx.conf index 440e427..8b99c90 100644 --- a/VLESS-TCP-TLS (maximal by rprx)/nginx.conf +++ b/VLESS-TCP-TLS (maximal by rprx)/nginx.conf @@ -45,28 +45,7 @@ http { server { listen unix:/dev/shm/default.sock proxy_protocol; - server_name _; - root /usr/share/nginx/html; - - set_real_ip_from 127.0.0.1; - - # Load configuration files for the default server block. - include /etc/nginx/default.d/*.conf; - - location / { - } - - error_page 404 /404.html; - location = /40x.html { - } - - error_page 500 502 503 504 /50x.html; - location = /50x.html { - } - } - - server { - listen unix:/dev/shm/h2.sock http2 proxy_protocol; + listen unix:/dev/shm/h2c.sock http2 proxy_protocol; server_name _; root /usr/share/nginx/html; diff --git a/VLESS-TCP-TLS (minimal by rprx)/README.md b/VLESS-TCP-TLS (minimal by rprx)/README.md index a1ca57e..0aa687a 100644 --- a/VLESS-TCP-TLS (minimal by rprx)/README.md +++ b/VLESS-TCP-TLS (minimal by rprx)/README.md @@ -1,8 +1,8 @@ -# VLESS + TCP + TLS + 回落(最简配置) +# VLESS over TCP with TLS + 回落(最简配置) 你需要有一个解析到服务器 IP 的域名,并且申请了证书,比如 let's encrypt -你还需要一个 Nginx: +你还需要一个 Nginx:(或者 Caddy 等任一 Web 服务器) 1. 用系统自带的包管理器安装 nginx,具体方法请 Google 2. nginx 的默认配置就是监听 80 端口,无需修改 @@ -11,3 +11,7 @@ 5. 执行 `systemctl start nginx` 启动 nginx 若服务器开启了防火墙或 VPS 有安全组,记得放行 TCP/80、443 端口 + +--- + +接下来,你可以了解 [建站配置](<../VLESS-TCP-TLS%20(maximal%20by%20rprx)>)(回落高级用法)、尝试 [进阶配置](<../VLESS-TCP-TLS-WS%20(recommended)>)(分流 to WebSocket) diff --git a/VLESS-TCP-TLS-WS (recommended)/README.md b/VLESS-TCP-TLS-WS (recommended)/README.md new file mode 100644 index 0000000..4d01af0 --- /dev/null +++ b/VLESS-TCP-TLS-WS (recommended)/README.md @@ -0,0 +1,9 @@ +# VLESS over TCP with TLS + 回落 & 分流 to WebSocket(进阶配置) + +这里是 [最简配置](<../VLESS-TCP-TLS%20(minimal%20by%20rprx)>) 的超集,利用 VLESS 强大的回落分流特性,实现了 443 端口 VLESS over TCP with TLS 和任意 WSS 的完美共存 + +该配置供参考,你可以将 WS 上的 VLESS 换成 VMess 等其它任何协议,以及设置更多 PATH、协议共存,都可以做到 + +部署后,你可以同时通过 VLESS over TCP with TLS 和任意 WebSocket with TLS 方式连接到服务器,其中后者都可以通过 CDN + +经实测,VLESS 回落分流 WS 比 Nginx 反代 WS 性能更强,传统的 VMess + WSS 方案完全可以迁移过来,且不失兼容 diff --git a/VLESS-TCP-TLS-WS (recommended)/config_client_tcp_tls.json b/VLESS-TCP-TLS-WS (recommended)/config_client_tcp_tls.json new file mode 100644 index 0000000..a93646d --- /dev/null +++ b/VLESS-TCP-TLS-WS (recommended)/config_client_tcp_tls.json @@ -0,0 +1,42 @@ +{ + "log": { + "loglevel": "warning" + }, + "inbounds": [ + { + "port": 10800, + "listen": "127.0.0.1", + "protocol": "socks", + "settings": { + "udp": true + } + } + ], + "outbounds": [ + { + "protocol": "vless", + "settings": { + "vnext": [ + { + "address": "example.com", // 换成你的域名或服务器 IP(发起请求时无需解析域名了) + "port": 443, + "users": [ + { + "id": "", // 填写你的 UUID + "encryption": "none", + "level": 0 + } + ] + } + ] + }, + "streamSettings": { + "network": "tcp", + "security": "tls", + "tlsSettings": { + "serverName": "example.com" // 换成你的域名 + } + } + } + ] +} \ No newline at end of file diff --git a/VLESS-TCP-TLS-WS (recommended)/config_client_ws_tls.json b/VLESS-TCP-TLS-WS (recommended)/config_client_ws_tls.json new file mode 100644 index 0000000..8df0f6f --- /dev/null +++ b/VLESS-TCP-TLS-WS (recommended)/config_client_ws_tls.json @@ -0,0 +1,45 @@ +{ + "log": { + "loglevel": "warning" + }, + "inbounds": [ + { + "port": 10800, + "listen": "127.0.0.1", + "protocol": "socks", + "settings": { + "udp": true + } + } + ], + "outbounds": [ + { + "protocol": "vless", + "settings": { + "vnext": [ + { + "address": "example.com", // 换成你的域名或服务器 IP(发起请求时无需解析域名了) + "port": 443, + "users": [ + { + "id": "", // 填写你的 UUID + "encryption": "none", + "level": 0 + } + ] + } + ] + }, + "streamSettings": { + "network": "ws", + "security": "tls", + "tlsSettings": { + "serverName": "example.com" // 换成你的域名 + }, + "wsSettings": { + "path": "/websocket" // 必须换成自定义的 PATH,需要和服务端的一致 + } + } + } + ] +} \ No newline at end of file diff --git a/VLESS-TCP-TLS-WS (recommended)/config_server.json b/VLESS-TCP-TLS-WS (recommended)/config_server.json new file mode 100644 index 0000000..e00e617 --- /dev/null +++ b/VLESS-TCP-TLS-WS (recommended)/config_server.json @@ -0,0 +1,74 @@ +{ + "log": { + "loglevel": "warning" + }, + "inbounds": [ + { + "port": 443, + "protocol": "vless", + "settings": { + "clients": [ + { + "id": "", // 填写你的 UUID + "level": 0, + "email": "love@v2fly.org" + } + ], + "decryption": "none", + "fallbacks": [ + { + "dest": 80 + }, + { + "path": "/websocket", // 必须换成自定义的 PATH + "dest": 1234, + "xver": 1 + } + ] + }, + "streamSettings": { + "network": "tcp", + "security": "tls", + "tlsSettings": { + "alpn": [ + "http/1.1" + ], + "certificates": [ + { + "certificateFile": "/path/to/fullchain.crt", // 换成你的证书,绝对路径 + "keyFile": "/path/to/private.key" // 换成你的私钥,绝对路径 + } + ] + } + } + }, + { + "port": 1234, + "listen": "127.0.0.1", + "protocol": "vless", + "settings": { + "clients": [ + { + "id": "", // 填写你的 UUID + "level": 0, + "email": "love@v2fly.org" + } + ], + "decryption": "none" + }, + "streamSettings": { + "network": "ws", + "security": "none", + "wsSettings": { + "acceptProxyProtocol": true, // 提醒:若你用 Nginx/Caddy 等反代 WS,需要删掉这行 + "path": "/websocket" // 必须换成自定义的 PATH,需要和上面的一致 + } + } + } + ], + "outbounds": [ + { + "protocol": "freedom" + } + ] +} diff --git a/VLESS-TCP-TLS-proxy protocol/config_client.json b/VLESS-TCP-TLS-proxy protocol/config_client.json index 28c3e83..bb0f66a 100644 --- a/VLESS-TCP-TLS-proxy protocol/config_client.json +++ b/VLESS-TCP-TLS-proxy protocol/config_client.json @@ -65,7 +65,7 @@ "ip": [ "geoip:private" ], - "tag": "direct" + "outboundTag": "direct" } ] } diff --git a/VLESS-TCP-TLS-proxy protocol/nginx.conf b/VLESS-TCP-TLS-proxy protocol/nginx.conf index c9b01fd..19decd3 100644 --- a/VLESS-TCP-TLS-proxy protocol/nginx.conf +++ b/VLESS-TCP-TLS-proxy protocol/nginx.conf @@ -37,30 +37,14 @@ http { server { listen 127.0.0.1:8001 proxy_protocol; - server_name yourserver_8001.com; - - set_real_ip_from 192.168.1.0/24; - - charset utf-8; - - access_log logs/yourserver_8001.access.log proxy; - - location / { - root /var/www/html; - } - - error_page 404 /404.html; - - error_page 500 502 503 504 /50x.html; - } - - server { listen 127.0.0.1:8002 http2 proxy_protocol; - server_name yourserver_8002.com; + server_name yourserver.com; + + set_real_ip_from 127.0.0.1; charset utf-8; - access_log logs/yourserver_8002.access.log proxy; + access_log logs/yourserver.access.log proxy; location / { root /var/www/html; diff --git a/VLESS-TCP-TLS/config_client.json b/VLESS-TCP-TLS/config_client.json index 28c3e83..01572d1 100644 --- a/VLESS-TCP-TLS/config_client.json +++ b/VLESS-TCP-TLS/config_client.json @@ -27,7 +27,7 @@ { "address": "1.2.3.4", "port": 443, - "user": [ + "users": [ { "id": "", "encryption": "none", @@ -65,8 +65,8 @@ "ip": [ "geoip:private" ], - "tag": "direct" + "outboundTag": "direct" } ] } -} \ No newline at end of file +} diff --git a/VLESS-TCP-TLS/nginx.conf b/VLESS-TCP-TLS/nginx.conf index 15d4740..f5d139b 100644 --- a/VLESS-TCP-TLS/nginx.conf +++ b/VLESS-TCP-TLS/nginx.conf @@ -34,28 +34,12 @@ http { server { listen 127.0.0.1:8001; - server_name yourserver_8001.com; - - charset utf-8; - - access_log logs/yourserver_8001.access.log main; - - location / { - root /var/www/html; - } - - error_page 404 /404.html; - - error_page 500 502 503 504 /50x.html; - } - - server { listen 127.0.0.1:8002 http2; - server_name yourserver_8002.com; + server_name yourserver.com; charset utf-8; - access_log logs/yourserver_8002.access.log main; + access_log logs/yourserver.access.log main; location / { root /var/www/html; diff --git a/VLESS-TCP/config_client.json b/VLESS-TCP/config_client.json index 17d1057..7fe2d60 100644 --- a/VLESS-TCP/config_client.json +++ b/VLESS-TCP/config_client.json @@ -27,7 +27,7 @@ { "address": "1.2.3.4", "port": 1234, - "user": [ + "users": [ { "id": "", "encryption": "none", @@ -55,8 +55,8 @@ "ip": [ "geoip:private" ], - "tag": "direct" + "outboundTag": "direct" } ] } -} \ No newline at end of file +} diff --git a/VLESS-gRPC-TLS/config_client.json b/VLESS-gRPC-TLS/config_client.json new file mode 100644 index 0000000..8ce239b --- /dev/null +++ b/VLESS-gRPC-TLS/config_client.json @@ -0,0 +1,47 @@ +{ + "log": { + "loglevel": "warning" + }, + "inbounds": [ + { + "listen": "127.0.0.1", + "port": "1080", + "protocol": "socks", + "settings": { + "auth": "noauth" + } + } + ], + "outbounds": [ + { + "protocol": "vless", + "settings": { + "vnext": [ + { + "address": "your_server_ip", + "port": 443, + "users": [ + { + "id": "", + "encryption": "none" + } + ] + } + ] + }, + "streamSettings": { + "network": "gun", + "security": "tls", + "tlsSettings": { + "serverName": "your_domain", + "alpn": [ + "h2" + ] + }, + "grpcSettings": { + "serviceName": "GunService" + } + } + } + ] +} \ No newline at end of file diff --git a/VLESS-gRPC-TLS/config_server.json b/VLESS-gRPC-TLS/config_server.json new file mode 100644 index 0000000..46bc3cb --- /dev/null +++ b/VLESS-gRPC-TLS/config_server.json @@ -0,0 +1,46 @@ +{ + "log": { + "loglevel": "warning" + }, + "inbounds": [ + { + "listen": "0.0.0.0", + "port": 443, + "protocol": "vless", + "settings": { + "clients": [ + { + "id": "", + "email": "love@v2fly.org" + } + ], + "decryption": "none" + }, + "streamSettings": { + "network": "gun", + "security": "tls", + "tlsSettings": { + "serverName": "your_domain", + "alpn": [ + "h2" + ], + "certificates": [ + { + "certificateFile": "/path/to/fullchain.crt", + "keyFile": "/path/to/private.key" + } + ] + }, + "grpcSettings": { + "serviceName": "GunService" + } + } + } + ], + "outbounds": [ + { + "protocol": "freedom", + "tag": "direct" + } + ] +} \ No newline at end of file diff --git a/VLESS-mKCPSeed/config_client.json b/VLESS-mKCPSeed/config_client.json new file mode 100644 index 0000000..a8d4c34 --- /dev/null +++ b/VLESS-mKCPSeed/config_client.json @@ -0,0 +1,40 @@ +{ + "log": { + "loglevel": "warning" + }, + "inbounds": [ + { + "port": 1080, + "listen": "127.0.0.1", + "protocol": "socks", + "settings": { + "udp": true + } + } + ], + "outbounds": [ + { + "protocol": "vless", + "settings": { + "vnext": [ + { + "address": "{{ host }}", + "port": "{{ port }}", + "users": [ + { + "id": "{{ uuid }}", + "encryption": "none" + } + ] + } + ] + }, + "streamSettings": { + "network": "kcp", + "kcpSettings": { + "seed": "{{ seed }}" + } + } + } + ] +} \ No newline at end of file diff --git a/VLESS-mKCPSeed/config_server.json b/VLESS-mKCPSeed/config_server.json new file mode 100644 index 0000000..51cf25d --- /dev/null +++ b/VLESS-mKCPSeed/config_server.json @@ -0,0 +1,30 @@ +{ + "log": { + "loglevel": "warning" + }, + "inbounds": [ + { + "protocol": "vless", + "port": "{{ port }}", + "settings": { + "decryption":"none", + "clients": [ + { + "id": "{{ id }}" + } + ] + }, + "streamSettings": { + "network": "kcp", + "kcpSettings": { + "seed": "{{ seed }}" + } + } + } + ], + "outbounds": [ + { + "protocol": "freedom" + } + ] +} diff --git a/VMess-HTTP/config_client.json b/VMess-HTTP/config_client.json index 1762ab6..f3064e5 100644 --- a/VMess-HTTP/config_client.json +++ b/VMess-HTTP/config_client.json @@ -10,7 +10,7 @@ "ip": [ "geoip:private" ], - "tag": "direct" + "outboundTag": "direct" } ] }, @@ -39,12 +39,9 @@ { "address": "", "port": 1234, - "user": [ + "users": [ { - "id": "", - "alterId": 4, - "security": "auto", - "testsEnabled": "VMessAEAD" + "id": "" } ] } diff --git a/VMess-HTTP/config_server.json b/VMess-HTTP/config_server.json index b51c56f..057eb2c 100644 --- a/VMess-HTTP/config_server.json +++ b/VMess-HTTP/config_server.json @@ -22,11 +22,9 @@ "settings": { "clients": [ { - "id": "", - "alterId": 4 + "id": "" } - ], - "disableInsecureEncryption": true + ] }, "streamSettings": { "network": "tcp", diff --git a/VMess-HTTP2/Caddy/Caddyfile b/VMess-HTTP2/Caddy/Caddyfile deleted file mode 100644 index d55a735..0000000 --- a/VMess-HTTP2/Caddy/Caddyfile +++ /dev/null @@ -1,11 +0,0 @@ -https://example.domain { - tls kiri_so@outlook.com - root /var/www/ - - proxy /test https://127.0.0.1:8443 { - header_upstream Host "example.domain" - header_upstream X-Forwarded-Proto "https" - insecure_skip_verify - } - -} \ No newline at end of file diff --git a/VMess-HTTP2/Caddy/config_client.json b/VMess-HTTP2/Caddy/config_client.json deleted file mode 100644 index e4e7ed5..0000000 --- a/VMess-HTTP2/Caddy/config_client.json +++ /dev/null @@ -1,111 +0,0 @@ -{ - "outbound": { - "streamSettings": { - "network": "h2", - "kcpSettings": null, - "httpSettings": { - "host": [ - "example.domain" - ], - "path": "/test" - }, - "tcpSettings": null, - "tlsSettings": {}, - "security": "tls" - }, - "tag": "agentout", - "protocol": "vmess", - "mux": { - "enabled": true - }, - "settings": { - "vnext": [ - { - "users": [ - { - "alterId": 100, - "security": "aes-128-gcm", - "id": "0cdf8a45-303d-4fed-9780-29aa7f54175e" - } - ], - "port": 443, - "address": "example.domain" - } - ] - } - }, - "log": { - "access": "", - "loglevel": "info", - "error": "" - }, - "outboundDetour": [ - { - "tag": "direct", - "protocol": "freedom", - "settings": { - "response": null - } - }, - { - "tag": "blockout", - "protocol": "blackhole", - "settings": { - "response": { - "type": "http" - } - } - } - ], - "inbound": { - "streamSettings": null, - "settings": { - "ip": "127.0.0.1", - "udp": true, - "clients": null, - "auth": "noauth" - }, - "protocol": "socks", - "port": 1080, - "listen": "0.0.0.0" - }, - "inboundDetour": null, - "routing": { - "settings": { - "rules": [ - { - "ip": [ - "0.0.0.0/8", - "10.0.0.0/8", - "100.64.0.0/10", - "127.0.0.0/8", - "169.254.0.0/16", - "172.16.0.0/12", - "192.0.0.0/24", - "192.0.2.0/24", - "192.168.0.0/16", - "198.18.0.0/15", - "198.51.100.0/24", - "203.0.113.0/24", - "::1/128", - "fc00::/7", - "fe80::/10" - ], - "domain": null, - "type": "field", - "port": null, - "outboundTag": "direct" - } - ], - "domainStrategy": "IPIfNonMatch" - }, - "strategy": "rules" - }, - "dns": { - "servers": [ - "8.8.8.8", - "8.8.4.4", - "localhost" - ] - } -} \ No newline at end of file diff --git a/VMess-HTTP2/Caddy/config_server.json b/VMess-HTTP2/Caddy/config_server.json deleted file mode 100644 index 7fa11b2..0000000 --- a/VMess-HTTP2/Caddy/config_server.json +++ /dev/null @@ -1,91 +0,0 @@ -{ - "outbound": { - "streamSettings": null, - "tag": null, - "protocol": "freedom", - "mux": null, - "settings": null - }, - "log": { - "access": "/var/log/v2ray/access.log", - "loglevel": "error", - "error": "/var/log/v2ray/error.log" - }, - "inboundDetour": null, - "inbound": { - "streamSettings": { - "network": "h2", - "kcpSettings": null, - "httpSettings": { - "host": [ - "example.domain" - ], - "path": "/test" - }, - "tcpSettings": null, - "tlsSettings": { - "certificates": [ - { - "keyFile": "/path/to/example.domain.key", - "certificateFile": "/path/to/example.domain/fullchain.cer" - } - ] - }, - "security": "tls" - }, - "listen": null, - "protocol": "vmess", - "port": 8443, - "settings": { - "ip": null, - "udp": true, - "clients": [ - { - "alterId": 100, - "security": "aes-128-gcm", - "id": "0cdf8a45-303d-4fed-9780-29aa7f54175e" - } - ], - "auth": null - } - }, - "outboundDetour": [ - { - "tag": "blocked", - "protocol": "blackhole", - "settings": null - } - ], - "routing": { - "strategy": "rules", - "settings": { - "rules": [ - { - "ip": [ - "0.0.0.0/8", - "10.0.0.0/8", - "100.64.0.0/10", - "127.0.0.0/8", - "169.254.0.0/16", - "172.16.0.0/12", - "192.0.0.0/24", - "192.0.2.0/24", - "192.168.0.0/16", - "198.18.0.0/15", - "198.51.100.0/24", - "203.0.113.0/24", - "::1/128", - "fc00::/7", - "fe80::/10" - ], - "domain": null, - "type": "field", - "port": null, - "outboundTag": "blocked" - } - ], - "domainStrategy": null - } - }, - "dns": null -} \ No newline at end of file diff --git a/VMess-HTTP2/config_client.json b/VMess-HTTP2/config_client.json index 84ec912..dca39f7 100644 --- a/VMess-HTTP2/config_client.json +++ b/VMess-HTTP2/config_client.json @@ -10,7 +10,7 @@ "ip": [ "geoip:private" ], - "tag": "direct" + "outboundTag": "direct" } ] }, @@ -39,10 +39,9 @@ { "address": "", "port": 1234, - "user": [ + "users": [ { "id": "", - "alterId": 4, "security": "none" } ] @@ -51,17 +50,7 @@ }, "streamSettings": { "network": "http", - "httpSettings": { - "host": [ - "example.domain" - ], - "path": "" - }, - "security": "tls", - "tlsSettings": { - "serverName": "example.domain", - "allowInsecure": false - } + "security": "tls" }, "tag": "proxy" }, diff --git a/VMess-HTTP2/config_server.json b/VMess-HTTP2/config_server.json index a6dafd7..f4f3205 100644 --- a/VMess-HTTP2/config_server.json +++ b/VMess-HTTP2/config_server.json @@ -22,20 +22,12 @@ "settings": { "clients": [ { - "id": "", - "alterId": 4 + "id": "" } - ], - "disableInsecureEncryption": false + ] }, "streamSettings": { "network": "http", - "httpSettings": { - "host": [ - "example.domain" - ], - "path": "" - }, "security": "tls", "tlsSettings": { "certificates": [ diff --git a/VMess-TCP-TLS/config_client.json b/VMess-TCP-TLS/config_client.json index 093dd2a..60ba57a 100644 --- a/VMess-TCP-TLS/config_client.json +++ b/VMess-TCP-TLS/config_client.json @@ -10,7 +10,7 @@ "ip": [ "geoip:private" ], - "tag": "direct" + "outboundTag": "direct" } ] }, @@ -39,10 +39,9 @@ { "address": "", "port": 1234, - "user": [ + "users": [ { "id": "", - "alterId": 4, "security": "none" } ] @@ -51,11 +50,7 @@ }, "streamSettings": { "network": "tcp", - "security": "tls", - "tlsSettings": { - "serverName": "example.domain", - "allowInsecure": false - } + "security": "tls" }, "tag": "proxy" }, diff --git a/VMess-TCP-TLS/config_server.json b/VMess-TCP-TLS/config_server.json index 5c7390f..5b40b63 100644 --- a/VMess-TCP-TLS/config_server.json +++ b/VMess-TCP-TLS/config_server.json @@ -22,11 +22,9 @@ "settings": { "clients": [ { - "id": "", - "alterId": 4 + "id": "" } - ], - "disableInsecureEncryption": false + ] }, "streamSettings": { "network": "tcp", diff --git a/VMess-TCP/config_client.json b/VMess-TCP/config_client.json index c9c08a8..852e399 100644 --- a/VMess-TCP/config_client.json +++ b/VMess-TCP/config_client.json @@ -10,7 +10,7 @@ "ip": [ "geoip:private" ], - "tag": "direct" + "outboundTag": "direct" } ] }, @@ -39,12 +39,9 @@ { "address": "", "port": 1234, - "user": [ + "users": [ { - "id": "", - "alterId": 4, - "security": "auto", - "testsEnabled": "VMessAEAD" + "id": "" } ] } diff --git a/VMess-TCP/config_server.json b/VMess-TCP/config_server.json index cb71d06..8f379ea 100644 --- a/VMess-TCP/config_server.json +++ b/VMess-TCP/config_server.json @@ -22,11 +22,9 @@ "settings": { "clients": [ { - "id": "", - "alterId": 4 + "id": "" } - ], - "disableInsecureEncryption": true + ] }, "streamSettings": { "network": "tcp" diff --git a/VMess-Websocket-TLS/Caddy-Header/Caddyfile b/VMess-Websocket-TLS/Caddy-Header/Caddyfile deleted file mode 100644 index a66e5ff..0000000 --- a/VMess-Websocket-TLS/Caddy-Header/Caddyfile +++ /dev/null @@ -1,17 +0,0 @@ -https://example.domain * { - gzip - tls kiri_so@outlook.com - proxy / https://www.baidu.com - log / stdout "{request}" - - rewrite { - if {host} is google.com - to /test - } - - proxy /test localhost:1234 { - websocket - without /test - } -} - diff --git a/VMess-Websocket-TLS/Caddy-Header/config_client.json b/VMess-Websocket-TLS/Caddy-Header/config_client.json deleted file mode 100644 index 3e33037..0000000 --- a/VMess-Websocket-TLS/Caddy-Header/config_client.json +++ /dev/null @@ -1,112 +0,0 @@ -{ - "outbound": { - "streamSettings": { - "network": "ws", - "kcpSettings": null, - "wsSettings": { - "headers": { - "host": "google.com" - }, - "path": "/" - }, - "tcpSettings": null, - "tlsSettings": {}, - "security": "tls" - }, - "tag": "agentout", - "protocol": "vmess", - "mux": { - "enabled": true, - "concurrency": 8 - }, - "settings": { - "vnext": [ - { - "users": [ - { - "alterId": 100, - "security": "aes-128-gcm", - "id": "e2b39869-7e9e-411b-a561-00904419bed9" - } - ], - "port": 443, - "address": "example.domain" - } - ] - } - }, - "log": { - "access": "", - "loglevel": "info", - "error": "" - }, - "outboundDetour": [ - { - "tag": "direct", - "protocol": "freedom", - "settings": { - "response": null - } - }, - { - "tag": "blockout", - "protocol": "blackhole", - "settings": { - "response": { - "type": "http" - } - } - } - ], - "inbound": { - "streamSettings": null, - "settings": { - "ip": "127.0.0.1", - "udp": true, - "clients": null, - "auth": "noauth" - }, - "protocol": "socks", - "port": 10086, - "listen": "0.0.0.0" - }, - "inboundDetour": null, - "routing": { - "settings": { - "rules": [ - { - "ip": [ - "0.0.0.0/8", - "10.0.0.0/8", - "100.64.0.0/10", - "127.0.0.0/8", - "169.254.0.0/16", - "172.16.0.0/12", - "192.0.0.0/24", - "192.0.2.0/24", - "192.168.0.0/16", - "198.18.0.0/15", - "198.51.100.0/24", - "203.0.113.0/24", - "::1/128", - "fc00::/7", - "fe80::/10" - ], - "domain": null, - "type": "field", - "port": null, - "outboundTag": "direct" - } - ], - "domainStrategy": "IPIfNonMatch" - }, - "strategy": "rules" - }, - "dns": { - "servers": [ - "8.8.8.8", - "8.8.4.4", - "localhost" - ] - } -} \ No newline at end of file diff --git a/VMess-Websocket-TLS/Caddy-Header/config_server.json b/VMess-Websocket-TLS/Caddy-Header/config_server.json deleted file mode 100644 index 4ddfb2e..0000000 --- a/VMess-Websocket-TLS/Caddy-Header/config_server.json +++ /dev/null @@ -1,89 +0,0 @@ -{ - "outbound": { - "streamSettings": null, - "tag": null, - "protocol": "freedom", - "mux": null, - "settings": null - }, - "log": { - "access": "/var/log/v2ray/access.log", - "loglevel": "info", - "error": "/var/log/v2ray/error.log" - }, - "outboundDetour": [ - { - "tag": "direct", - "protocol": "freedom", - "settings": null - }, - { - "tag": "blocked", - "protocol": "blackhole", - "settings": null - } - ], - "inbound": { - "streamSettings": { - "network": "ws", - "kcpSettings": null, - "wsSettings": { - "headers": { - "host": "google.com" - }, - "path": "/" - }, - "tcpSettings": null, - "tlsSettings": {}, - "security": "" - }, - "settings": { - "ip": null, - "udp": true, - "clients": [ - { - "alterId": 100, - "security": "aes-128-gcm", - "id": "e2b39869-7e9e-411b-a561-00904419bed9" - } - ], - "auth": null - }, - "protocol": "vmess", - "port": 1234, - "listen": null - }, - "inboundDetour": null, - "routing": { - "settings": { - "rules": [ - { - "ip": [ - "0.0.0.0/8", - "10.0.0.0/8", - "100.64.0.0/10", - "127.0.0.0/8", - "169.254.0.0/16", - "172.16.0.0/12", - "192.0.0.0/24", - "192.0.2.0/24", - "192.168.0.0/16", - "198.18.0.0/15", - "198.51.100.0/24", - "203.0.113.0/24", - "::1/128", - "fc00::/7", - "fe80::/10" - ], - "domain": null, - "type": "field", - "port": null, - "outboundTag": "blocked" - } - ], - "domainStrategy": null - }, - "strategy": "rules" - }, - "dns": null -} \ No newline at end of file diff --git a/VMess-Websocket-TLS/Caddy-Path/Caddyfile b/VMess-Websocket-TLS/Caddy-Path/Caddyfile deleted file mode 100644 index 68adcab..0000000 --- a/VMess-Websocket-TLS/Caddy-Path/Caddyfile +++ /dev/null @@ -1,10 +0,0 @@ -https://example.domain { - root /usr/local/caddy/www/aria2 - timeouts none - tls kiri_so@outlook.com - gzip - proxy /test localhost:1234 { - websocket - header_upstream -Origin - } -} diff --git a/VMess-Websocket-TLS/Caddy-Path/config_client.json b/VMess-Websocket-TLS/Caddy-Path/config_client.json deleted file mode 100644 index 4069f52..0000000 --- a/VMess-Websocket-TLS/Caddy-Path/config_client.json +++ /dev/null @@ -1,109 +0,0 @@ -{ - "outbound": { - "streamSettings": { - "network": "ws", - "kcpSettings": null, - "wsSettings": { - "path": "/test" - }, - "tcpSettings": null, - "tlsSettings": {}, - "security": "tls" - }, - "tag": "agentout", - "protocol": "vmess", - "mux": { - "enabled": true, - "concurrency": 8 - }, - "settings": { - "vnext": [ - { - "users": [ - { - "alterId": 100, - "security": "aes-128-gcm", - "id": "e2b39869-7e9e-411b-a561-00904419bed9" - } - ], - "port": 443, - "address": "example.domain" - } - ] - } - }, - "log": { - "access": "", - "loglevel": "info", - "error": "" - }, - "outboundDetour": [ - { - "tag": "direct", - "protocol": "freedom", - "settings": { - "response": null - } - }, - { - "tag": "blockout", - "protocol": "blackhole", - "settings": { - "response": { - "type": "http" - } - } - } - ], - "inbound": { - "streamSettings": null, - "settings": { - "ip": "127.0.0.1", - "udp": true, - "clients": null, - "auth": "noauth" - }, - "protocol": "socks", - "port": 10086, - "listen": "0.0.0.0" - }, - "inboundDetour": null, - "routing": { - "settings": { - "rules": [ - { - "ip": [ - "0.0.0.0/8", - "10.0.0.0/8", - "100.64.0.0/10", - "127.0.0.0/8", - "169.254.0.0/16", - "172.16.0.0/12", - "192.0.0.0/24", - "192.0.2.0/24", - "192.168.0.0/16", - "198.18.0.0/15", - "198.51.100.0/24", - "203.0.113.0/24", - "::1/128", - "fc00::/7", - "fe80::/10" - ], - "domain": null, - "type": "field", - "port": null, - "outboundTag": "direct" - } - ], - "domainStrategy": "IPIfNonMatch" - }, - "strategy": "rules" - }, - "dns": { - "servers": [ - "8.8.8.8", - "8.8.4.4", - "localhost" - ] - } -} \ No newline at end of file diff --git a/VMess-Websocket-TLS/Caddy-Path/config_server.json b/VMess-Websocket-TLS/Caddy-Path/config_server.json deleted file mode 100644 index 2714157..0000000 --- a/VMess-Websocket-TLS/Caddy-Path/config_server.json +++ /dev/null @@ -1,86 +0,0 @@ -{ - "outbound": { - "streamSettings": null, - "tag": null, - "protocol": "freedom", - "mux": null, - "settings": null - }, - "log": { - "access": "/var/log/v2ray/access.log", - "loglevel": "info", - "error": "/var/log/v2ray/error.log" - }, - "outboundDetour": [ - { - "tag": "direct", - "protocol": "freedom", - "settings": null - }, - { - "tag": "blocked", - "protocol": "blackhole", - "settings": null - } - ], - "inbound": { - "streamSettings": { - "network": "ws", - "kcpSettings": null, - "wsSettings": { - "path": "/test" - }, - "tcpSettings": null, - "tlsSettings": {}, - "security": "" - }, - "settings": { - "ip": null, - "udp": true, - "clients": [ - { - "alterId": 100, - "security": "aes-128-gcm", - "id": "e2b39869-7e9e-411b-a561-00904419bed9" - } - ], - "auth": null - }, - "protocol": "vmess", - "port": 1234, - "listen": null - }, - "inboundDetour": null, - "routing": { - "settings": { - "rules": [ - { - "ip": [ - "0.0.0.0/8", - "10.0.0.0/8", - "100.64.0.0/10", - "127.0.0.0/8", - "169.254.0.0/16", - "172.16.0.0/12", - "192.0.0.0/24", - "192.0.2.0/24", - "192.168.0.0/16", - "198.18.0.0/15", - "198.51.100.0/24", - "203.0.113.0/24", - "::1/128", - "fc00::/7", - "fe80::/10" - ], - "domain": null, - "type": "field", - "port": null, - "outboundTag": "blocked" - } - ], - "domainStrategy": null - }, - "strategy": "rules" - }, - "dns": null -} \ No newline at end of file diff --git a/VMess-Websocket-TLS/Nginx/config_client.json b/VMess-Websocket-TLS/Nginx/config_client.json deleted file mode 100644 index 073e55b..0000000 --- a/VMess-Websocket-TLS/Nginx/config_client.json +++ /dev/null @@ -1,145 +0,0 @@ -{ - "outbound": { - "protocol": "freedom", - "settings": {}, - "tag": "direct" - }, - "inboundDetour": [ - { - "port": 1086, - "listen": "127.0.0.1", - "protocol": "socks", - "settings": { - "auth": "noauth", - "timeout": 300, - "udp": true - } - } - ], - "outboundDetour": [ - { - "mux": { - "concurrency": 6, - "enabled": true - }, - "protocol": "vmess", - "settings": { - "vnext": [ - { - "users": [ - { - "id": "97c0ec9c-dc4e-11e7-9296-cec278b6b50a", - //"level"字段与"policy"字段中的"levels"字段中的对应,默认值:0,注:需要core≥3.1 - "level": 0, - "alterId": 0, - "security": "aes-128-cfb" - } - ], - "address": "domain.Name", - "port": 443 - } - ] - }, - "streamSettings": { - "tlsSettings": { - "allowInsecure": false - }, - "wsSettings": { - "headers": { - "Host": "domain.Name" - }, - "path": "/PATH/" - }, - "network": "ws", - "security": "tls" - }, - "tag": "proxy" - }, - { - "protocol": "blackhole", - "settings": {}, - "tag": "block" - } - ], - "dns": { - "servers": [ - "8.8.8.8", - "8.8.4.4" - ] - }, - "inbound": { - "port": 1087, - "listen": "127.0.0.1", - "protocol": "http", - "settings": { - "timeout": 300 - } - }, - // 注"policy"字段需要core≥3.1 - "policy": { - "levels": { - "0": { - "uplinkOnly": 0, - "downlinkOnly": 0, - "connIdle": 150, - "handshake": 4 - } - } - }, - "routing": { - "settings": { - "rules": [ - { - "type": "field", - "domain": [ - "geosite:cn" - ], - "outboundTag": "direct" - }, - { - "type": "field", - "domain": [ - "google", - "facebook", - "youtube", - "twitter", - "instagram", - "gmail", - "domain:twimg.com", - "domain:t.co" - ], - "outboundTag": "proxy" - }, - { - "type": "field", - "ip": [ - "8.8.8.8/32", - "8.8.4.4/32", - "91.108.56.0/22", - "91.108.4.0/22", - "109.239.140.0/24", - "149.154.164.0/22", - "91.108.56.0/23", - "67.198.55.0/24", - "149.154.168.0/22", - "149.154.172.0/22" - ], - "outboundTag": "proxy" - }, - { - "type": "field", - "ip": [ - "192.168.0.0/16", - "10.0.0.0/8", - "172.16.0.0/12", - "127.0.0.0/8", - "geoip:cn" - ], - "outboundTag": "direct" - } - ], - "domainStrategy": "IPIfNonMatch" - }, - "strategy": "rules" - } -} diff --git a/VMess-Websocket-TLS/Nginx/config_client_ver4.2.json b/VMess-Websocket-TLS/Nginx/config_client_ver4.2.json deleted file mode 100644 index 47ea614..0000000 --- a/VMess-Websocket-TLS/Nginx/config_client_ver4.2.json +++ /dev/null @@ -1,103 +0,0 @@ -{ - "log": { - "loglevel": "debug" - }, - "inbounds": [ - { - "port": 10086, - "listen": "0.0.0.0", - "tag": "socks-in", - "protocol": "socks", - "settings": { - "auth": "noauth", - "udp": false - } - }, - { - "port": 1087, - "listen": "0.0.0.0", - "tag": "http-in", - "protocol": "http", - "settings": {} - } - ], - "outbounds": [ - { - "mux": { - "concurrency": 32, - "enabled": true - }, - "protocol": "vmess", - "settings": { - "vnext": [ - { - "users": [ - { - //注:填写uuid - "id": "UUID", - "alterId": 64, - "security": "auto" - } - ], - //注:填写域名、端口 - "address": "domain.Name", - "port": 1234 - } - ] - }, - "streamSettings": { - "tlsSettings": { - "allowInsecure": false - }, - "wsSettings": { - "headers": { - "User-Agent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.4489.62 Safari/537.36", - //注:填写对应头部 - "Host": "HOST", - "Accept-Encoding": "gzip", - "Pragma": "no-cache" - }, - //注:ws路径 - "path": "/PATH/" - }, - "network": "ws", - "security": "tls" - }, - "tag": "proxy" - }, - { - "protocol": "blackhole", - "settings": {}, - "tag": "blocked" - }, - { - "protocol": "freedom", - "settings": {}, - "tag": "dicert" - } - ], - "routing": { - //注:全域名规则匹配 - "domainStrategy": "AsIs", - "rules": [ - { - "type": "field", - "domain": [ - //注:填写对应域名和host - "domain:domain.Name" - ], - "outboundTag": "dicert" - }, - { - "type": "field", - "inboundTag": [ - "socks-in", - "http-in" - ], - "outboundTag": "proxy" - } - ] - }, - "other": {} -} - diff --git a/VMess-Websocket-TLS/Nginx/config_server.json b/VMess-Websocket-TLS/Nginx/config_server.json deleted file mode 100644 index 2f8043f..0000000 --- a/VMess-Websocket-TLS/Nginx/config_server.json +++ /dev/null @@ -1,84 +0,0 @@ -{ - "log": { - "access": "/var/log/v2ray/access.log", - "error": "/var/log/v2ray/error.log", - //可能取值 "debug" "info" "warning" "error" 其中"debug"记录的数据最多,"error"记录的最少 "none"表示不记录任何内容 默认值为"warning" - "loglevel": "debug" - }, - //注"policy"字段需要core≥3.1 - "policy": { - "levels": { - "0": { - "uplinkOnly": 0, - "downlinkOnly": 0, - "connIdle": 150, - "handshake": 4 - } - } - }, - "inbound": { - //默认值为"0.0.0.0" - "listen": "127.0.0.1", - "port": 10086, - "protocol": "vmess", - "settings": { - "clients": [ - { - "id": "7f43b638-dc47-11e7-9296-cec278b6b50a", - //"level"字段与"policy"字段中的"levels"字段中的对应,默认值:0,注:需要core≥3.1 - "level": 0, - "alterId": 64 - } - ] - }, - "streamSettings": { - "network": "ws", - "security": "auto", - "wsSettings": { - "path": "/PATH/", - "headers": { - "Host": "domain.Name" - } - } - } - }, - "outbound": { - "protocol": "freedom", - "settings": { } - }, - "outboundDetour": [ - { - "protocol": "blackhole", - "settings": { }, - "tag": "blocked" - } - ], - "routing": { - "strategy": "rules", - "settings": { - "rules": [ - { - "type": "field", - "ip": [ - "0.0.0.0/8", - "10.0.0.0/8", - "100.64.0.0/10", - "127.0.0.0/8", - "169.254.0.0/16", - "172.16.0.0/12", - "192.0.0.0/24", - "192.0.2.0/24", - "192.168.0.0/16", - "198.18.0.0/15", - "198.51.100.0/24", - "203.0.113.0/24", - "::1/128", - "fc00::/7", - "fe80::/10" - ], - "outboundTag": "blocked" - } - ] - } - } -} diff --git a/VMess-Websocket-TLS/Nginx/config_server_ver4.2.json b/VMess-Websocket-TLS/Nginx/config_server_ver4.2.json deleted file mode 100644 index c95964e..0000000 --- a/VMess-Websocket-TLS/Nginx/config_server_ver4.2.json +++ /dev/null @@ -1,54 +0,0 @@ -{ - "log": { - "loglevel": "debug" - }, - "inbounds": [ - { - "port": 10086, - "listen": "127.0.0.1", - "tag": "vmess-in", - "protocol": "vmess", - "settings": { - "clients": [ - { - //注:UUID - "id": "UUID", - "alterId": 64 - } - ] - }, - "streamSettings": { - "network": "ws", - "wsSettings": { - //注:ws路径 - "path": "/PATH/", - "headers": { } - } - } - } - ], - "outbounds": [ - { - "protocol": "freedom", - "settings": { }, - "tag": "direct" - }, - { - "protocol": "blackhole", - "settings": { }, - "tag": "blocked" - } - ], - "routing": { - "domainStrategy": "AsIs", - "rules": [ - { - "type": "field", - "inboundTag": [ - "vmess-in" - ], - "outboundTag": "direct" - } - ] - } -} diff --git a/VMess-Websocket-TLS/Nginx/nginx_Domain.Name.conf b/VMess-Websocket-TLS/Nginx/nginx_Domain.Name.conf deleted file mode 100644 index daec2fa..0000000 --- a/VMess-Websocket-TLS/Nginx/nginx_Domain.Name.conf +++ /dev/null @@ -1,131 +0,0 @@ -## -# You should look at the following URL's in order to grasp a solid understanding -# of Nginx configuration files in order to fully unleash the power of Nginx. -# https://www.nginx.com/resources/wiki/start/ -# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ -# https://wiki.debian.org/Nginx/DirectoryStructure -# -# In most cases, administrators will remove this file from sites-enabled/ and -# leave it as reference inside of sites-available where it will continue to be -# updated by the nginx packaging team. -# -# This file will automatically load configuration files provided by other -# applications, such as Drupal or Wordpress. These applications will be made -# available underneath a path with that package name, such as /drupal8. -# -# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. -## - -# Default server configuration -# -#####本配置使用正常环境 debian9_x64 nginx_1.10.3 openssl_1.1.0f v2ray_4.2 -#####兼容客户端Firefox 27, Chrome 30, IE 11 on Windows 7, Edge, Opera 17, Safari 9, Android 5.0, and Java 8 -#####注:切勿修改中的内容,但<该文件>与中的<参数重叠>那么会<遵从前者> - -server { - # 禁用不需要的请求方式 以下只允许 get、post - if ($request_method !~ ^(POST|GET)$) { - return 444; - } - - listen 127.0.0.1:80; - server_name domain.Name; #注:填写自己的域名 - return 301 https://$host/; -} - -upstream v2ray { - server 127.0.0.1:10086; #注:v2ray后端监听地址、端口 - keepalive 2176; # 链接池空闲链接数 -} - -map $http_upgrade $connection_upgrade { - default upgrade; - '' close; -} - - -server { - #要开启 HTTP/2 注意nginx版本 - #可以使用 nginx -V 检查 - listen 127.0.0.1:443 ssl http2 backlog=1024 so_keepalive=120s:60s:10 reuseport; # backlog是nginx 监听队列 默认是511 使用命令 ss -tnl查看(Send-Q); - #设置编码 - charset utf-8; - - #证书配置 - ssl_certificate PATH; #注:填写自己证书路径 - ssl_certificate_key PATH; #注:填写密钥路径 - - ssl_session_cache shared:SSL:50m; - ssl_session_timeout 1d; - ssl_session_tickets off; - - # https://nginx.org/en/docs/http/ngx_http_ssl_module.html - ssl_protocols TLSv1.2; - #openssl ciphers - #注:懒人配置 https://mozilla.github.io/server-side-tls/ssl-config-generator/ - ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'; - ssl_prefer_server_ciphers on; - - #安全设定 - #屏蔽请求类型 - if ($request_method !~ ^(POST|GET)$) { - return 444; - } - add_header X-Frame-Options DENY; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Content-Type-Options nosniff; - # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months) - ###测试前请使用较少的时间 - ### https://www.nginx.com/blog/http-strict-transport-security-hsts-and-nginx/ - add_header Strict-Transport-Security max-age=15 always; - - #openssl dhparam -out dhparam.pem 2048 - #openssl dhparam -out dhparam.pem 4096 - #ssl_dhparam /home/dhparam.pem; - #ssl_ecdh_curve secp384r1; - - # OCSP Stapling --- - # fetch OCSP records from URL in ssl_certificate and cache them - #ssl_stapling on; - #ssl_stapling_verify on; - #resolver_timeout 10s; - #resolver [去掉括号并将文字改成你希望的dns服务器ip地址] valid=300s; - #范例 resolver 2.2.2.2 valid=300s; - - root /var/www/html; - - # Add index.php to the list if you are using PHP - index index.html index.htm index.php ; - - server_name domain.Name; #注: 将domain.Name 替换成你的域名 - - - location /GLMzpX/ { #注:修改路径 - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade; #此处与对应 - proxy_set_header Host $http_host; - - # 向后端传递访客ip - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - - - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_requests 25600; - keepalive_timeout 300 300; - proxy_buffering off; - proxy_buffer_size 8k; - - #后端错误重定向 - proxy_intercept_errors on; - error_page 400 = URL; # url是一个网站地址。例如:https://www.xxxx.com/ - if ($http_host = "domain.Name" ) { #注: 修改 domain.Name 为自己的域名 - #v2ray 后端 查看上面"upstream"字段 - proxy_pass http://v2ray; - } - } -} - diff --git a/VMess-Websocket-TLS/config_client.json b/VMess-Websocket-TLS/config_client.json index a49e923..ee49c62 100644 --- a/VMess-Websocket-TLS/config_client.json +++ b/VMess-Websocket-TLS/config_client.json @@ -10,7 +10,7 @@ "ip": [ "geoip:private" ], - "tag": "direct" + "outboundTag": "direct" } ] }, @@ -39,10 +39,9 @@ { "address": "", "port": 1234, - "user": [ + "users": [ { "id": "", - "alterId": 4, "security": "none" } ] @@ -51,17 +50,7 @@ }, "streamSettings": { "network": "ws", - "wsSettings": { - "path": "", - "headers": { - "Host": "example.domain" - } - }, - "security": "tls", - "tlsSettings": { - "serverName": "example.domain", - "allowInsecure": false - } + "security": "tls" }, "tag": "proxy" }, diff --git a/VMess-Websocket-TLS/config_server.json b/VMess-Websocket-TLS/config_server.json index 9816222..6d86245 100644 --- a/VMess-Websocket-TLS/config_server.json +++ b/VMess-Websocket-TLS/config_server.json @@ -22,20 +22,12 @@ "settings": { "clients": [ { - "id": "", - "alterId": 4 + "id": "" } - ], - "disableInsecureEncryption": false + ] }, "streamSettings": { "network": "ws", - "wsSettings": { - "path": "", - "headers": { - "Host": "example.domain" - } - }, "security": "tls", "tlsSettings": { "certificates": [ diff --git a/VMess-Websocket/config_client.json b/VMess-Websocket/config_client.json index 8507ddb..07d11a2 100644 --- a/VMess-Websocket/config_client.json +++ b/VMess-Websocket/config_client.json @@ -10,7 +10,7 @@ "ip": [ "geoip:private" ], - "tag": "direct" + "outboundTag": "direct" } ] }, @@ -39,25 +39,16 @@ { "address": "", "port": 1234, - "user": [ + "users": [ { - "id": "", - "alterId": 4, - "security": "auto", - "testsEnabled": "VMessAEAD" + "id": "" } ] } ] }, "streamSettings": { - "network": "ws", - "wsSettings": { - "path": "", - "headers": { - "Host": "" - } - } + "network": "ws" }, "tag": "proxy" }, diff --git a/VMess-Websocket/config_server.json b/VMess-Websocket/config_server.json index 3b088ad..3a6bba7 100644 --- a/VMess-Websocket/config_server.json +++ b/VMess-Websocket/config_server.json @@ -22,20 +22,12 @@ "settings": { "clients": [ { - "id": "", - "alterId": 4 + "id": "" } - ], - "disableInsecureEncryption": true + ] }, "streamSettings": { "network": "ws", - "wsSettings": { - "path": "", - "headers": { - "Host": "" - } - }, "security": "none" } } diff --git a/VMess-mKCPSeed/config_client.json b/VMess-mKCPSeed/config_client.json new file mode 100644 index 0000000..2964622 --- /dev/null +++ b/VMess-mKCPSeed/config_client.json @@ -0,0 +1,39 @@ +{ + "log": { + "loglevel": "warning" + }, + "inbounds": [ + { + "port": 1080, + "listen": "127.0.0.1", + "protocol": "socks", + "settings": { + "udp": true + } + } + ], + "outbounds": [ + { + "protocol": "vmess", + "settings": { + "vnext": [ + { + "address": "{{ host }}", + "port": "{{ port }}", + "users": [ + { + "id": "{{ uuid }}" + } + ] + } + ] + }, + "streamSettings": { + "network": "kcp", + "kcpSettings": { + "seed": "{{ seed }}" + } + } + } + ] +} \ No newline at end of file diff --git a/VMess-mKCPSeed/config_server.json b/VMess-mKCPSeed/config_server.json new file mode 100644 index 0000000..1ad20a3 --- /dev/null +++ b/VMess-mKCPSeed/config_server.json @@ -0,0 +1,27 @@ +{ + "log": { + "loglevel": "warning" + }, + "inbounds": [ + { + "protocol": "vmess", + "port": "{{ port }}", + "settings": { + "clients": [ + { + "id": "{{ uuid }}" + } + ] + }, + "streamSettings": { + "network": "kcp", + "kcpSettings": { + "seed": "{{ seed }}" + } + } + } + ], + "outbounds": [ + {"protocol": "freedom"} + ] +}